Until 2 months ago, Mt. Gox was using unsalted MD5 hashing to protect its Bitcoin users' passwords. The site was lucky -- very lucky -- that it added the salt right before it lost its database. (Source: Google Images)

Bitcoin enthusiasts have been forced to realize that exchange closures are a reality of modern economics. (Source: Nerd Merit Badges)

A very real unresolved issue facing the market is what to do about botnet miners. (Source: Google Images)

Market still hasn't been reopened, three days later

DailyTech was among the first to report on the massive hack of Mt. Gox and was the first to correctly note that the world's largest Bitcoin exchange was using a mix of unsalted MD5 (very insecure) and salted MD5 (somewhat secure) passwords.

Since the Sunday events, Mt. Gox has been scrambling to reopen and reform.

I. Confirmation -- Insecure Standard Was Used for Over a Year

Mt. Gox revealed on Monday that the forum posts by administrators and Mt. Gox users (which we cited) were correct -- some of the accounts were unsalted.

If you receive ANY email which seems coming from Mt.Gox asking you to download something (certificate, generating program, etc), DO NOT DOWNLOAD. Do not either input your password on any site which is not MTGOX.COM.

[Update - 2:06 GMT] What we know and what is being done.

It appears that someone who performs audits on our system and had read-only access to our database had their computer compromised. This allowed for someone to pull our database. The site was not compromised with a SQL injection as many are reporting, so in effect the site was not hacked.

Two months ago we migrated from MD5 hashing to freeBSD MD5 salted hashing. The unsalted user accounts in the wild are ones that haven't been accessed in over 2 months and are considered idle. Once we are back up we will have implemented SHA-512 multi-iteration salted hashing and all users will be required to update to a new strong password.

We have been working with Google to ensure any gmail accounts associated with Mt.Gox user accounts have been locked and need to be reverified.

Mt.Gox will continue to be offline as we continue our investigation, at this time we are pushing it to 8:00am GMT.

When Mt.Gox comes back online, we will be putting all users through a new security measure to authenticate the users. This will be a mix of matching the last IP address that accessed the account, verifying their email address, account name and old password. Users will then be prompted to enter in a new strong password.

Once Mt.Gox is back online, trades 218869~222470 will be reverted.

The fact that Mt. Gox was using salted MD5 is somewhat disappointing as for a financial institution -- particularly an exchange that handles nearly 90 percent of the $130M+ USD of Bitcoins in existence -- you would expect them to only use the latest and greatest in encryption (like the salted SHA-512, which they are now migrating too).

The fact that up until 2 months ago they used unsalted MD5 -- which has been easily crackable by rainbow tables and brute force attacks for years -- is downright disturbing. As it is, it appears very, very lucky that Mt. Gox decided to migrate to salted MD5 when it did. Otherwise the damage might have taken weeks or months to revert, not days.

While there's no proof of causation, perhaps the attacks on Sony Corp. (TYO:6758) proved a wakeup call for Mt. Gox. As a result it decided to patch up its blatantly unacceptable hashing scheme with a slightly better one, just in the nick of time.

II. Out With The Old, In With the New

At least Mt. Gox seems to have learned its lesson. It writes:

SHA-512 multi-iteration salted hashing is in enabled and ready for when we get users reactivating their accounts

We are going to push our relaunch time to 2:00am GMT tomorrow so we have time to launch a our new backend and withdraw passwords.

This is a very good sign. In and of itself "salting" the hash is an approach whose quality is highly dependent on how often you use the same salt. While not as good as unique salting, iterative salts promise that the same salt is not used for all users' hashed passwords. Thus it's harder to crack. Combined with the superior strength of SHA-512, this scheme should be very strong by today's cracking methods and computing power, as long as the code that generates the salts is never leaked.

For the time being, deposits that were send to Mt.Gox accounts that were not in accounts before we took things offline will be in a "pending" status. Once we have the new backend in place, we will start processing these pending deposits and withdraws. Also, shortly after the backend is up and running we will allow customers with newly reclaimed accounts to login to Mt.Gox, and use the site as per usual, with the exception that active trading will be disabled. Users may place orders to buy or sell, but they will be queued until we enable trading, which will most likely be a couple of hours after users are able to login to Mt.Gox.

Thanks again for your continued patience and understanding while we work to get Mt.Gox back online.

The exchange will reopen at $17.50 USD per Bitcoin. Expect a reopening sometime later this week or next week.

III. An Important Lesson, But More Tough Questions Remain

The Mt. Gox incident was a valuable lesson to the proponents of Bitcoin.

First, it taught them that no matter how "evil" it seemed, there are absolutely cases where markets must be closed from trading. Hopefully, this will now lead to the major exchanges agreeing to close trading early on some days to slow the violent volatility from major inflation or deflation, making Bitcoins "more currency-like".

Second, it taught anyone who runs a Bitcoin exchange that it's absolutely mandatory to use the latest in hashing and salting technology. Weak hashing alone was not enough to protect Mt. Gox, as its attackers quickly exploited over 1,000 accounts.

Bitcoin users can learn a similar lesson from these events -- they must strongly encrypt their local wallet.dat file. There are now trojans in the wild that are stealing Bitcoins from open wallets. The moral of the story -- the necessity of encryption -- is thus equally applicable on both sides of the Bitcoin use (pun not intended).

Of course, additionally, just don't store your wallet on systems you believe might be compromised as an optimistic trojan could wait for you to decrypt your wallet file and then strike.

That said, one very daunting question still facing Bitcoin is the question of mining abuses. A recent Symantec article wrote that botnets of infected computers could mine Bitcoins to make as much as $100,000 USD a month. Such abuse is a major threat to the burgeoning Bitcoin economy if it becomes prevalent as it will both rob innocent miners of their loot and delegitimize the movement itself by equating Bitcoin mining to supporting the spread of malware.

This is a far more troubling problem than the previous ones. The community will have to think long and hard to come up with a good answer.

Comments

Threshold

Username

Password

remember me

This article is over a month old, voting and posting comments is disabled

Still don't get it though...the "mining" for them makes no sense. There's no basis for their value. It's just...wacky.

As I understand it the purpose for mining is to seed initial wealth.

This is a somewhat foreign concept in the world of real world currencies, which typically evolved over hundreds of years, based on the trade of real world commodities like gold or furs. But in effect, these resources did serve as a seeding mechanism for initial wealth. By the time the currency evolved into an abstract (non-commodity based) entity, wealth was already seeded....

The idea with Bitcoin is to skip the commodity phase and compress the seeding process to a couple decades rather than a couple centuries, by seeding by computing an algorithm.

Once wealth has been injected in the system, the idea is that it will trickle down to form a large economy, similar to the ideas of President Reagan...

Here's some graphics to consider. See a problem with the Bush tax cuts? They were far far too much. They are going to contribute more to the deficit than everything else combined. I'm so glad we think we need to give welfare to the rich. Yes, it's welfare because they don't need it in the slightest yet they can't and won't invest enough to make up that revenue. And even in they did the whopping 2%ish of GDP we get back in corporate taxes is not nearly enough to make up for that.

"Intel is investing heavily (think gazillions of dollars and bazillions of engineering man hours) in resources to create an Intel host controllers spec in order to speed time to market of the USB 3.0 technology." -- Intel blogger Nick Knupffer